FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

konversation -- shell script command injection

Affected packages
konversation < 0.15

Details

VuXML ID 5c7bb4dd-6a56-11d9-97ec-000c6e8f12ef
Discovery 2005-01-19
Entry 2005-01-19
Modified 2005-01-21

Konversation comes with Perl scripts that do not properly escape shell characters on executing a script. This makes it possible to attack Konversation with shell script command injection.

References

CVE Name CVE-2005-0129
CVE Name CVE-2005-0130
CVE Name CVE-2005-0131
Message 200501191739.56585.wouter@coekaerts.be

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.